Contact Info

Atlas Cloud LLC 600 Cleveland Street Suite 348 Clearwater, FL 33755 USA

[email protected]

Client Area
Recommended Services
Supported Scripts
WordPress
Hubspot
Joomla
Drupal
Wix
Shopify
Magento
Typeo3

Years ago, my team and I recognized the diminishing boundaries of traditional security measures within our industry. At Sanmina, a leader in the electronic manufacturing services sector, optimizing the efficiency, productivity, and security of our workforce, regardless of their location, became essential as we transitioned to cloud-based solutions and embraced Industry 4.0 practices. It was clear that adopting a zero trust architecture was necessary to reduce cybersecurity risks and streamline operations.

Based in San Jose, California, Sanmina operates across six continents and is a Fortune 500 company known for producing complex circuit boards and backplanes. Our client base covers diverse industries including medical, automotive, communications, and defense and aerospace. Commitment to excellence in performance, flexibility, and technological innovation is at the core of our pledge to surpass customer expectations.

Why we shifted from legacy architecture to Zscaler zero trust

Since joining Sanmina in 1999 as a technical support staff, I observed firsthand the vulnerabilities in our security framework. Ascending through the ranks led me to establish our dedicated security department, enhance security measures, and promote cybersecurity awareness among our staff. Witnessing the technological advancements in the manufacturing field and the rise of zero trust methodologies convinced me of the necessity of this model. Ensuring secure, swift access to essential applications for our global team is crucial for our ongoing success and expansion.

Originally, maintaining physical servers equipped with Squid caching proxy at over 60 locations for web filtering was a considerable challenge. This issue was resolved by adopting the Zscaler Zero Trust Exchange™ platform along with Zscaler Internet Access™ (ZIA™), which allowed for the gradual elimination of SWG servers worldwide.

Another major hurdle was providing secure remote access through VPNs. Previously, everyone from employees to customers used the same VPN access, managed via our identity system. This method posed risks due to encrypted traffic potentially hiding threats, and it suffered from poor performance as all traffic routed through our data center firewalls before reaching the necessary resources.

The VPN setup also introduced complexities with its multitude of physical devices requiring individual configurations, updates, and maintenance across multiple locations. Manual updates for every single change made this system unsuitable for a zero trust architecture in today’s perimeter-less infrastructure.

After exploring various alternatives, we opted for Zscaler Private Access™ (ZPA™). Our positive experience with ZIA and the robustness of ZPA, supported by Zscaler’s extensive network of over 150 global data centers, confirmed it as the best solution. This implementation allowed us to discard traditional VPNs entirely and adopt ZPA for secure, efficient access to private applications from remote locations.

For those beginning their journey with Zscaler zero trust, here are six pivotal insights I’ve garnered that aid the shift away from traditional architecture:

Our initial step with Zscaler emphasized that zero trust is a whole-organization approach, not merely confined to the IT department. We also drove home the idea that maintaining security is a collective responsibility.

It is crucial to start with clear communication and thorough education. Employees should be aware of impending changes and the reasons behind them to facilitate a smooth transition. Often, organizations implement new systems without adequate explanations, leaving employees confused about the purpose and benefits. However, making these concepts clear from the beginning can significantly ease the transition. Our own experience showed a positive shift in employee reception when they learned they’d need to re-authenticate only once every seven days instead of every 23 hours.

At various security conferences, I share how my team moved from being seen as the “department of no” to the “department of know.”

Because Zscaler operates differently from traditional methods, successful implementation required a leap of faith in the technology. This meant IT departments had to abandon old practices and adopt new, more efficient procedures made possible by Zscaler’s easy management features. These new processes proved to be more efficient, productive, and streamlined.

Mergers and Acquisitions (M&A) are crucial for Sanmina’s growth and profitability. Prior to using Zscaler Private Access (ZPA), our M&A activities were slow and cumbersome. Initially, we had to configure the acquired company’s computers to suit our network and firewall specifications. Using VPNs, we connected new users to our corporate network, granting them full application access. This posed significant risks as we could not verify if their security standards were adequate.

With the Zscaler platform, we can now integrate new companies on day one, allowing new staff access only to approved applications. This approach dramatically enhances our M&A security strategy.

We activated ZPA’s posture check early during deployment and introduced geolocation policies. For instance, settings for employees traveling from China are adjusted to connect through different nodes based on their location, and readjusted upon their return. ZPA facilitates the implementation of such detailed policies, ensuring continued productivity and maximizing long-term investment benefits regardless of employee location.

One of the significant advantages of utilizing the Zscaler platform is the ability to delegate everyday management tasks to our Security Operations teams. This efficiency is due to the platform’s straightforward and intuitive interface. By doing so, our expert security personnel can allocate more time to strategic objectives rather than daily operations, significantly benefiting our company by allowing us to channel efforts into more impactful projects.

Effective communication with the executive team regarding our risk status is another crucial aspect. Upon discovering Zscaler Risk360™, we quickly integrated it into our operations. Risk360 provides a comprehensive view of risks throughout our organization, with capabilities to delve into specific risk factors and even fiscal impacts. This tool simplifies the process of crafting detailed reports for both our board and management, offering them a clear perspective on the prioritization and resolution of security concerns.

The Zscaler platform has delivered outstanding results, enhancing our capacity to:

This contributes significantly to our overarching aim of reducing risk across the enterprise, which in turn allows us to offer superior service to our partners and clientele.

We’re excited about deepening our exploration of Zscaler’s capabilities. The recent integration of the AI-powered Avalor Data Fabric for Security with Risk360 will help us improve risk management by identifying vulnerabilities and proactively mitigating them before they become a problem. By aggregating data across our entire environment, the data fabric will provide rich context so that we gain an in-depth understanding of the actual risks presented by the vulnerabilities Risk360 discovers. As a manufacturing company, we are also interested in extending zero trust segmentation to our operational technology (OT) environment. Zscaler’s Airgap technology will help us protect east-west traffic in all the manufacturing plants within our critical OT infrastructure.

Our return on investment with Zscaler has been multifaceted. The Zero Trust Exchange platform has increased our agility, improved our security posture, enhanced our employees’ productivity, reduced costs of operations across our global footprint, decreased complexity, and given us better visibility and control. Our journey with Zscaler has been completely positive from day one. All in all, it’s a win-win for our entire enterprise.

Learn more about Sanmina’s journey to zero trust by reading the case study.


Welcome to DediRock, your trusted partner in high-performance hosting solutions. At DediRock, we specialize in providing dedicated servers, VPS hosting, and cloud services tailored to meet the unique needs of businesses and individuals alike. Our mission is to deliver reliable, scalable, and secure hosting solutions that empower our clients to achieve their digital goals. With a commitment to exceptional customer support, cutting-edge technology, and robust infrastructure, DediRock stands out as a leader in the hosting industry. Join us and experience the difference that dedicated service and unwavering reliability can make for your online presence. Launch our website.

Share this Post
0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x